Class: ADAL::ClientAssertionCertificate

Inherits:

Object

• Object
• ADAL::ClientAssertionCertificate

Includes:

RequestParameters

Defined in:

lib/adal/client_assertion_certificate.rb

Overview

An assertion made by a client with an X509 certificate. This requires both the public and private keys. Technically it only requires the thumbprint of the public key, however OpenSSL’s object model does not include thumbprints.

Constant Summary

MIN_KEY_SIZE_BITS =

2014

Constants included from RequestParameters

RequestParameters::AAD_API_VERSION, RequestParameters::ASSERTION, RequestParameters::CLIENT_ASSERTION, RequestParameters::CLIENT_ASSERTION_TYPE, RequestParameters::CLIENT_ID, RequestParameters::CLIENT_REQUEST_ID, RequestParameters::CLIENT_RETURN_CLIENT_REQUEST_ID, RequestParameters::CLIENT_SECRET, RequestParameters::CODE, RequestParameters::FORM_POST, RequestParameters::GRANT_TYPE, RequestParameters::PASSWORD, RequestParameters::REDIRECT_URI, RequestParameters::REFRESH_TOKEN, RequestParameters::RESOURCE, RequestParameters::SCOPE, RequestParameters::UNIQUE_ID, RequestParameters::USERNAME, RequestParameters::USER_INFO

Instance Attribute Summary

• #certificate ⇒ Object readonly

  Returns the value of attribute certificate.

• #client_id ⇒ Object readonly

  Returns the value of attribute client_id.

Instance Method Summary

• #initialize(authority, client_id, pkcs12_file) ⇒ ClientAssertionCertificate constructor

  Creates a new ClientAssertionCertificate.

• #request_params ⇒ Object

  The relevant parameters from this credential for OAuth.

Constructor Details

#initialize(authority, client_id, pkcs12_file) ⇒ ClientAssertionCertificate

Creates a new ClientAssertionCertificate.

Parameters:

• Authority —

  authority The authority object that will recognize this certificate.

• client_id (String) —

  The client id of the calling application.

• pkcs12_file (OpenSSL::PKCS12) —

  The PKCS12 file containing the certificate and private key.

# File 'lib/adal/client_assertion_certificate.rb', line 47

def initialize(authority, client_id, pkcs12_file)
  unless pkcs12_file.is_a? OpenSSL::PKCS12
    fail ArgumentError, 'Only PKCS12 file format is supported.'
  end
  @authority = authority
  @certificate = pkcs12_file.certificate
  @client_id = client_id.to_s
  @private_key = pkcs12_file.key
  validate_certificate_and_key(@certificate, @private_key)
end

Instance Attribute Details

#certificate ⇒ Object (readonly)

Returns the value of attribute certificate.

# File 'lib/adal/client_assertion_certificate.rb', line 35

def certificate
  @certificate
end

#client_id ⇒ Object (readonly)

Returns the value of attribute client_id.

# File 'lib/adal/client_assertion_certificate.rb', line 36

def client_id
  @client_id
end

Instance Method Details

#request_params ⇒ Object

The relevant parameters from this credential for OAuth.

# File 'lib/adal/client_assertion_certificate.rb', line 59

def request_params
  jwt_assertion = SelfSignedJwtFactory
                  .new(@client_id, @authority.token_endpoint)
                  .create_and_sign_jwt(@certificate, @private_key)
  ClientAssertion.new(client_id, jwt_assertion).request_params
end